iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Evolve Bank & Trust, the organisation that had its data leaked by LockBit in place of the US Federal Reserve, has confirmed the authenticity of the leak.
In a release on its website, the bank said it had launched an investigation into the breach, and it confirmed that the data of some of its Evolve retail bank customers and financial technology partners’ customers was stolen.
“It appears these bad actors have released illegally obtained data, including personal identification information (PII), on the dark web,” Evolve said.
“The data varies by individual but may include your name, Social Security number, date of birth, account information and/or other personal information.”
In an update, Evolve confirmed that “customer debit cards, online, and digital banking credentials” were not affected in the breach and appeared to be secure at the time.
Evolve said it has begun communicating with customers and financial technology partners’ customers.
“We encourage all retail banking customers and financial technology partners’ customers (end users) to remain vigilant by monitoring account activity and credit reports,” Evolve said.
“You can set up free fraud alerts from nationwide credit bureaus – Equifax, Experian, and TransUnion. You can also request and review your free credit report at any time via Freecreditreport.com. If you suspect any fraud or suspicious activity, please contact us immediately.”
The Evolve data breach occurred earlier this week after LockBit threatened to leak the data of the US Federal Reserve, setting a countdown timer to end at 6:27 AEST on 26 June 2024.
However, when the timer ran out, no US Federal Reserve data was leaked, but data belonging to Evolve Bank and Trust.
The US Federal Reserve had called out Evolve Bank & Trust earlier this month for “deficiencies in the bank’s anti-money laundering, risk management, and consumer compliance programs”.
LockBit linked the press release alongside the Evolve data.
“Examinations conducted in 2023 found that Evolve engaged in unsafe and unsound banking practices by failing to have in place an effective risk management framework for those partnerships,” the release said.
“In addition, Evolve did not maintain an effective risk management program or controls sufficient to comply with anti-money laundering laws and laws protecting consumers.”
No data belonging to the US Federal Reserve appears to have been leaked.
Be the first to hear the latest developments in the cyber industry.
